On ke, 2015-02-04 at 15:53 +0100, Martin Tournoij wrote: > On Wed, Feb 4, 2015, at 15:41, Jukka Rissanen wrote: > > Just wondering where do you get the nameserver IP addresses in this > > case? Are you manually updating resolv.conf? > > Not sure if I understand this question?
I mean where does unbound gets its names resolved, are you using 8.8.8.8 or similar global service? > > Let me explain my setup in more detail: > > - Run unbound on 127.0.0.54 > > - Run adsuck on 127.0.0.53, this filters ad domains (spoofs reply with > 127.0.0.2), and forwards other queries to 127.0.0.42 (unbound). > > - Start connman with --nodnsproxy > > - For the root user, run a crontab with: > */5 * * * * echo 'nameserver 127.0.0.53' > /etc/resolv.conf > > unbound works as recursive resolver, no other DNS server required. > > This works, except for the first 0 to 5 minutes I connected to a new > network. It's also more than a bit ugly... > > Is this a very esoteric setup? I don't know ... It makes sense to me to This is very exotic setup :) You might be able to configure connman to use your 127.0.0.53 server by configuring it to each service you are using (have not tested this thou). Example: connmanctl config your_service_id --nameservers 127.0.0.53 and then running connman with dnsproxy enabled. > not use every random DNS server out there... DNSSEC should ensure I get > responses that haven't been tampered with... I don't know what random > DNS servers do at starbucks do... > > Thanks, > Martin Cheers, Jukka _______________________________________________ connman mailing list [email protected] https://lists.connman.net/mailman/listinfo/connman
